You have a Discord webhook URL that looks correct, but when you try to send a message, the Discord API returns a 401 Unauthorized error. This error means Discord rejected your request because it could not verify your identity, even though the webhook URL structure appears valid. The root cause is almost always a subtle formatting error in the URL itself, a mismatch between the webhook ID and token, or a permission restriction on the webhook or the target channel. This article explains the exact causes of the 401 error on Discord webhooks and provides step-by-step fixes to resolve it.
Key Takeaways: Fixing Discord Webhook 401 Errors
- Webhook URL format
https://discord.com/api/webhooks/{id}/{token}: The token part is a 68-character base64 string that must be exact and not truncated. - Webhook settings > Edit channel permissions: The webhook must have the Send Messages permission on the target channel, and the channel must not be restricted.
- HTTP request method POST with JSON body: Send a POST request with a JSON payload containing a
contentfield to the full webhook URL.
Why Discord Webhooks Return a 401 Unauthorized Error
Discord webhooks use a two-part authentication system embedded in the URL: a webhook ID and a webhook token. The ID is a numeric identifier for the webhook. The token is a 68-character base64-encoded string that acts as the secret key. When you send a POST request to https://discord.com/api/webhooks/{id}/{token}, Discord looks up the webhook by its ID and checks that the provided token matches the stored token exactly. If either part is wrong, Discord responds with HTTP 401 Unauthorized.
A 401 error does not mean the webhook is deleted or the channel is gone. It means the authentication credentials you provided are invalid. The most common reasons are:
- Copying the URL incorrectly, missing a character or including an extra space.
- Using a webhook URL from a deleted or regenerated webhook. When you regenerate a webhook token, the old URL stops working.
- Sending the request to the wrong endpoint, such as
/webhooks/{id}without the token. - Using an HTTP method other than POST, such as GET or PUT, which Discord does not support for sending messages.
- Making the request from a different server or bot that does not have the correct webhook ID and token pair.
Another less common cause is a channel permission issue. If the webhook has been manually restricted in the channel permissions or if the channel is a private thread that the webhook cannot access, Discord may return a 401 even if the URL is correct. This happens because Discord checks permissions after authentication. If the webhook exists but lacks permission to post in that channel, the API returns 401 instead of a more descriptive error.
Steps to Fix the Discord Webhook 401 Error
- Verify the webhook URL character by character
Open your Discord server and go to Server Settings > Integrations > Webhooks. Click on the webhook you are using. Copy the full webhook URL again. Paste it into a plain text editor that does not auto-format links. Check that the URL starts withhttps://discord.com/api/webhooks/. After the slash, there must be a numeric ID, then another slash, then a 68-character token. The token contains only letters, numbers, and the hyphen and underscore characters. Do not include any trailing spaces, line breaks, or extra characters. - Regenerate the webhook token if the URL is outdated
In the same webhook settings page, click the Copy Webhook URL button again. If you see a Regenerate button next to the URL, the webhook token was regenerated at some point. Click Regenerate, then copy the new URL. Update your code or service with this fresh URL. The old URL will now always return a 401. - Check the webhook ID and token in your code
If you are constructing the URL manually in code, ensure you are usinghttps://discord.com/api/webhooks/{webhookId}/{webhookToken}. Do not append any extra path segments or query parameters. Print or log the full URL to confirm it matches the one from Discord. If you are using a library or a third-party service, make sure the library is not modifying the URL. - Send a POST request with the correct content type
Use an HTTP POST method. Set the Content-Type header toapplication/json. The request body must be a JSON object with at least acontentfield. For example:{"content": "Hello from webhook"}. Do not use GET, PUT, or other methods. If you are testing with curl, use:curl -X POST -H "Content-Type: application/json" -d '{"content":"test"}' https://discord.com/api/webhooks/{id}/{token} - Check channel permissions for the webhook
Go to the target text channel in Discord. Click the gear icon to open Channel Settings > Permissions. Scroll to the Webhooks role or the specific webhook name. Ensure the Send Messages permission is set to a green checkmark. If the channel is a private thread, the webhook cannot post there. Use a standard text channel instead. Also check if the channel has slowmode or is temporarily locked by a moderator. - Test the webhook with a simple tool
Use a webhook testing tool like Discord Webhook Tester or the built-in test button in Discord. In the webhook settings, click Send Test Message. If the test message works, the webhook URL is valid and the problem is in your code or service. If the test also returns a 401, the webhook itself is broken and you need to create a new webhook. - Create a new webhook if all else fails
In Server Settings > Integrations > Webhooks, click New Webhook. Give it a name, select the target channel, and click Create. Copy the new URL and use it in your application. Delete the old webhook to avoid confusion.
If Discord Still Returns 401 After the Main Fix
Webhook URL contains a space or invisible character
When copying a webhook URL from Discord, some browsers or clipboard managers insert a trailing space or a zero-width character. Paste the URL into a hex editor or use a URL decoder to check for hidden characters. If you find any, remove them and retry the request.
Using the wrong HTTP method
Discord only accepts POST requests for sending messages via webhooks. If you use GET, the API returns a 401. If you use PUT, PATCH, or DELETE, Discord may also return 401. Always confirm that your HTTP client is sending a POST request.
Webhook belongs to a different Discord server
You might have copied the webhook URL from one server but are trying to use it in a different server or channel. Webhooks are server-specific. Go to the Integrations page of the server where you want the webhook to post and create a new webhook there.
Rate limiting or IP block
If you send many requests in a short time, Discord may temporarily block your IP address and return a 401 or 429. Wait 10 minutes and try again with a single test request. If it works, reduce your request frequency to within Discord’s rate limits (5 requests per second per webhook).
Webhook deleted by a moderator
Check the Integrations page in Server Settings. If the webhook no longer appears in the list, it was deleted. Create a new webhook and update your code with the new URL.
| Item | Correct Webhook URL | Incorrect Webhook URL |
|---|---|---|
| Format | https://discord.com/api/webhooks/123456789012345678/abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_- |
https://discord.com/api/webhooks/123456789012345678 (missing token) |
| Token length | 68 characters | Any other length |
| HTTP method | POST | GET, PUT, PATCH, DELETE |
| Content-Type header | application/json |
text/plain or missing header |
| Request body | JSON with content field |
Empty body or non-JSON data |
You can now identify and fix a 401 error on any Discord webhook by checking the URL format, regenerating the token, verifying permissions, and using the correct HTTP method. Next time you create a webhook, copy the URL immediately and store it securely. For advanced use, consider using Discord’s webhook rate limit headers to avoid being blocked.